4. You must now prepend "https://" to the URL you use to access Splunk Web.

Use web.conf

You can enable HTTPS through the web.conf configuration file. Edit this file in $SPLUNK_HOME/etc/system/local/ or your own custom application directory in $SPLUNK_HOME/etc/apps/. For information on configuration files in general, see how configuration files work.

Once you've made your changes, you must restart Splunk Web, as described in "Start Splunk".

Note: After changing the Splunk Web certificate, users may receive certificate warnings or be prompted by their browser to accept the new certificate.

Important note about the caCertPath attribute

When you use the caCertPath attribute to specify a new default certificate, make sure that the certificate file you specify:

Contains at least a server SSL certificate and a certificate authority (CA) certificate.

Contains multiple certificates in the proper sequence:

The server's SSL certificate.

Any intermediate certificates, if required.

The root certificate, if required.

Uses absolute paths to certificate files, for best results. While you can use relative paths, those paths are relative to $SPLUNK_HOME, and you cannot change this setting.

The caCertPath attribute cannot point to a file that contains only a CA certificate, because with only a CA certificate, SSL cannot properly establish a secure connection. If you specify a certificate file that only contains a CA certificate, Splunk Web over HTTPS will not work.

For more information on how to set the caCertPath attribute, read about web.conf in the Admin Manual.

Examples

Use a third-party certificate for Splunk Web

1. Follow the instructions to generate a new certificate signing request (CSR) and receive a new certificate from your organization's root certificate authority located here. The specifics of the openssl command vary depending on your operating system:

You can also use the above procedure to generate a new self-signed certificate if your self-signed certificate has expired.

Limitations

SSL key passphrases

Splunk Web does not currently support SSL key passphrases.

Firefox 3

If you are using Firefox 3, enabling SSL for a Splunk deployment may result in an "invalid security exception" being displayed in the browser. Refer to this workaround documentation for more information.

For more information

For detailed procedures that illustrate various scenarios for using SSL with Splunk Web, see

Enter your email address, and someone from the documentation team will respond to you:

Send me a copy of this feedback

Please provide your comments here. Ask a question or make a suggestion.

Feedback submitted, thanks!

You must be logged into splunk.com in order to post comments.
Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic.
If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk,
consider posting a question to Splunkbase Answers.

0
out of 1000 Characters

Your Comment Has Been Posted Above

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website.
Learn more (including how to update your settings) here »